Kremlin dismissal of the Panama Papers scandal as mere "Putinophobia" cooked up by the US to discredit Russia's president aside, most other governments are taking the leaked documents seriously. At least seven countries have opened investigations into the data around the world open investigations into the data released by investigative reporters at Süddeutsche Zeitung and its media partners. Iceland's government may fall as a result of the scandal, and Süddeutsche Zeitung says that more revelations are coming. So far the leaked documents purport to show that Panamanian law firm Mossack Fonseca was connected with about 215,000 shell companies.
Anonymous prepares for its annual operation against Israeli websites. April 7 is the now traditional date dedicated to expressing hacktivist support for Palestinian interests. Israeli sites are bracing for the expected attacks.
Internal audits suggest that US State Department passport and visa databases remain vulnerable to compromise, although so far at least no leaks appear to have occurred.
The Taliban's Islamist propaganda app made it into the Google Play Store, where it remained for two days until Google noticed what was up and ejected the Taliban for violations of terms and conditions.
Google patched yesterday, closing eight vulnerabilities it characterized as "critical."
In industry news, Dell SecureWorks prepares for its April IPO. Layoffs continue at IBM, and may reach 14,000 in fiscal 2016. Palo Alto Networks expands its partner program.
The FBI offers other law enforcement agencies help gaining access to smart phones. UK police seem content with more traditional investigative methods.
Today's issue includes events affecting Argentina, Australia, Austria, British Virgin Islands, China, Egypt, Finland, France, Germany, Iceland, Israel, Morocco, Netherlands, Niue, Panama, Qatar, Russia, Saudi Arabia, Serbia, Spain, Sweden, Turkey, Ukraine, United Kingdom, United States.
Catch the CyberWire's Podcast this afternoon, in which we'll talk with Yoni Shohet, CEO and co-founder of SCADAfence.SCADAFence about the challenges of securing industrial control systems in manufacturing processes. We'll also hear from the University of Maryland's Markus Rauschecker about how standards are established in legal cases regarding cyber security.
SINET IT Security Entrepreneurs Forum (ITSEF) 2016(Mountain View, California, USA, April 19 - 20, 2016) The IT Security Entrepreneurs Forum (ITSEF) offers a venue for entrepreneurs to meet leaders of government, business and the investment community for open collaboration on the challenges of cybersecurity.
Cyber Attacks, Threats, and Vulnerabilities
Massive Law Firm Hack Reveals Rich Hiding Money(eWeek) Hackers allegedly stole more than 11.5 million documents from the Panamanian law firm of Mossack Fonseca, detailing the workings of offshore accounts for many politicians and the rich, and delivered the information to journalists
Here’s What We Know About the ‘Panama Papers’(New York TImes) On Sunday a group of global news organizations published articles based on a trove of leaked confidential documents from a law firm in Panama. They exposed how some of the world’s most powerful people were said to have used offshore bank accounts to conceal their wealth or avoid taxes
The Names in the Panama Papers(The Atlantic) Documents leaked Sunday from a Panama-based firm purport to show corruption and questionable business practices of world leaders, politicians, and others
Kremlin rejects Panama leaks as ‘Putinophobia’(Financial Times) The Kremlin dismissed a report about billions of dollars in offshore funds circulating among intimates of Vladimir Putin as a case of “Putinophobia” whipped up by the US to discredit the Russian president
‘Surreptitious Sharing’ Android API Flaw Leaks Data, Private Keys(Threatpost) Researchers have identified a vulnerability in an Android API used by messaging apps such as Skype and perhaps more concerning, privacy-centric apps such as Signal, and Telegram, that could lead to privilege escalation and data loss including private keys
Sources: Trump Hotels Breached Again(Krebs on Security) Banking industry sources tell KrebsOnSecurity that the Trump Hotel Collection — a string of luxury properties tied to business magnate and Republican presidential candidate Donald Trump — appears to be dealing with another breach of its credit card systems. If confirmed, this would be the second such breach at the Trump properties in less than a year
A cyber attack turned out the lights on 80,000. What can stop them?(Reuters) In the middle of the afternoon on Dec. 23, at least 80,000 Ukrainians suddenly lost access to electricity. It was, U.S. officials and other analysts believe, the most dramatic escalation in several years of the quietly growing international confrontation in cyberspace
More IoT device security woes in latest Bitdefender research(IoT Tech) New research shows that the move to smart homes is actually putting householders at risk of privacy theft after the discovery that a number of commonly used Internet of Things (IoT) consumer devices are vulnerable to cyber attack
Dell's SecureWorks plans April IPO(CIO Dive) SecureWorks Corp., a cybersecurity firm owned by Dell Inc., plans to launch its IPO this month, according to a report from the Wall Street Journal
Dell To End The IPO Drought, But Is SecureWorks A Buy?(Seeking Alpha) Dell’s SecureWorks is expected to go public soon. The 18-year-old cyber security company has a net loss, disappointing margins, and questionable ability to operate independently from its parent company. Even though cyber security is a great segment for the long haul, SecureWorks is not the best peak right now
DoD Certifies Fidelis Threat Defense Offering(ExecutiveBiz) A Fidelis Cybersecurity-designed threat defense offering has been added to the Defense Department’s list of products certified for interoperability and information assurance via an assessment stage
Opinion: The NSA must adapt to survive the Digital Age(Christian Science Monitor) National Security Agency Director Adm. Mike Rogers has undertaken an incredibly important overhaul of the agency – a plan known as NSA21 – that will ensure it remains well ahead of America's adversaries
Flag Officer Assignments(US Department of Defense) The Secretary of the Navy Ray Mabus and Chief of Naval Operations Adm. John M. Richardson announced today the following assignments: Rear Adm. Sean R. Filipowski will be assigned as deputy director, Signal Intelligence Directorate, National Security Agency, Fort Meade, Maryland
Was an Asian government reading Hillary Clinton’s emails in February 2009?(Washington Post) I continue to be fascinated by the very early chapters of the Hillary Clinton homebrew email saga. For one simple reason: the clintonemail.com server apparently didn’t have the digital certificate needed to encrypt communications until late March 2009 — more than two months after the server was up and running, and after Secretary Clinton’s swearing-in on January 22
Hillary's 'classified' smokescreen hides real crime: Column(USA Today) Stewart Baker, writing for The Volokh Conspiracy Blog at the Washington Post on Monday, raises some largely overlooked, yet potentially very troubling issues related to Hillary Clinton’s use of private server while serving as Secretary of State
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
SANS Atlanta 2016(Atlanta, Georgia, USA, April 4 - 9, 2016) Learn the most effective steps to prevent attacks and detect adversaries with actionable techniques that you can directly apply when you get back to work. Take advantage of tips and tricks from the experts...
Billington CyberSecurity INTERNATIONAL Summit(Washington, DC, USA, April 5, 2016) On April 5, in Washington, D.C., join leading cybersecurity officials from across the globe at the Billington CyberSecurity INTERNATIONAL Summit to engage in an intensive information exchange between leading...
Cyber Security Summit Atlanta(Atlanta, Georgia, USA, April 6, 2016) The Inaugural Atlanta Cyber Security Summit will be held April 6th at the Ritz-Carlton, Buckhead. This event is for Sr. Executives only. We are Honored to have the US Asst. Attorney General of National...
ASIS 15th European Security Conference & Exhibition(London, England, UK, April 6 - 8, 2016) ASIS Europe 2016 invites you to join security professionals and experts from over Europe and beyond in one of the most dynamic centres of business and culture in the world
ISC West 2016(Las Vegas, Nevada, USA, April 6 - 8, 2016) ISC West is the leading physical security event to unite the entire security channel, from dealers, installers, integrators, specifiers, consultants and end-users of physical, network and IT products.
ASIS 15th European Security Conference & Exhibition (London, England, UK, April 6 - 8, 2016) ASIS Europe 2016 invites you to join security professionals and experts from over Europe and beyond in one of the most dynamic centres of business and culture in the world.
Cyber Risk Management 360(Baltimore, Maryland, USA, April 7, 2016) The Cybersecurity Association of Maryland, Inc. (CAMI) is partnering with the MD Department of Commerce, Chesapeake Regional Tech Council and Greater Baltimore Committee to host our first Signature event...
Cybersecurity and Privacy Protection Conference(Cleveland, Ohio, USA, April 7 - 8, 2016) The Center for Cybersecurity and Privacy Protection 2016 Conference will bring together experienced government officials, in-house counsels, business executives, cyber insurance leaders, litigators, information...
Spring Conference 2016: Creating a Cybersecurity Communtiy(Los Angeles, California, USA, April 11, 2016) The ISACA Los Angeles Chapter provides affordable quality training on fundamental information systems auditing concepts and emerging technology risks, and an opportunity to network with other auditing...
Rock Stars of Risk-based Security(Washington, DC, USA, April 12, 2016) Virtually every company will be hacked, and today, experts accept that a 100% security solution is not feasible. Advanced risk assessment and mitigation is the order of the day. Rock Stars of Risk-Based...
Federal Security Summit 2016(Washington, DC, USA, April 12, 2016) Advanced threats and more sophisticated hackers are making it increasingly difficult to protect mission-critical government systems and communications. The U.S. Government is probed 1.8 billion times per...
Workforce 2.0: How to Cultivate Cybersecurity Professionals(Baltimore, Maryland, USA, April 12, 2016) Please join Passcode along with White House Chief Information Officer Tony Scott and other leading figures in digital security to explore the newest ideas and approaches to close the cybersecurity skills...
Threat Hunting & Incident Response Summit 2016(New Orleans, Louisiana, USA, April 12 - 13, 2016) The Threat Hunting & Incident Response Summit 2016 focuses on specific hunting and incident response techniques and capabilities that can be used to identify, contain, and eliminate adversaries targeting...
QuBit Conference(Prague, the Czech Republic, April 12 - 14, 2016) QuBit offers you a unique chance to attend 2 selected Mandiant training courses, taught by some of the most experienced cyber security professionals in the business
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.